Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
File:                     TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json)
Hash identifier:          sSSrGv+5meSM0NcW+bJKtBJqaHEdhKj48Nd+qegiPm4=
Subject key identifier:   57:EA:A7:0A:8E:67:C8:2B:7C:69:70:9F:FA:7F:25:97:2B:CF:E3:1D
Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92
Certificate issuer:       /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
Certificate serial:       018FB23326F8CD8DE2C81BC4A9C9523BA19B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
Manifest number:          0671
Signing time:             Sun 26 May 2024 00:00:47 +0000
Manifest this update:     Sun 26 May 2024 00:00:47 +0000
Manifest next update:     Mon 27 May 2024 00:00:47 +0000
Files and hashes:         1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: t+R4h6tDmgTGCraaXIJwDat/QsvOMFZfYG6NpANYdPs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 26 May 2024 18:17:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:b2:33:26:f8:cd:8d:e2:c8:1b:c4:a9:c9:52:3b:a1:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
        Validity
            Not Before: May 26 00:00:47 2024 GMT
            Not After : May 27 00:00:47 2024 GMT
        Subject: CN=57eaa70a8e67c82b7c69709ffa7f25972bcfe31d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9a:81:55:91:da:f6:77:16:07:2f:05:2b:a3:
                    81:74:43:e8:a0:41:d5:f4:32:2b:c2:43:17:77:ec:
                    62:dc:0f:8b:51:89:bd:b3:30:26:bb:f3:1b:74:22:
                    9e:18:04:1e:61:d1:88:f4:38:59:84:9b:72:54:4b:
                    4f:48:6b:48:36:7e:f8:1f:6e:bf:d7:79:24:e4:d2:
                    4e:22:10:39:43:1a:53:8f:87:6e:13:9d:3c:55:9a:
                    97:b6:a7:ec:66:14:d5:20:e0:eb:b1:f1:6a:61:7b:
                    72:9d:94:19:8d:5e:0a:dd:92:96:af:a6:d8:f1:ca:
                    f8:00:dc:32:0e:c3:32:74:a2:25:7f:00:ab:52:30:
                    7f:c5:e9:de:84:75:d6:2d:6e:4a:bd:1e:ca:42:94:
                    7a:10:8b:45:19:e3:65:d7:67:ff:c7:5e:59:7b:4d:
                    b6:2a:41:b9:30:ec:3d:20:12:c7:c5:03:6a:29:b2:
                    8c:7d:3f:3a:c2:1e:e5:9a:ee:49:55:e6:72:36:5b:
                    ad:61:85:65:01:a5:fd:69:40:5f:c0:2e:fe:db:6b:
                    35:2b:f9:d9:d6:45:8f:c6:78:84:76:e7:70:84:9d:
                    6f:7a:b5:0f:1a:d8:66:7f:e5:a6:5c:c8:ab:3c:f7:
                    e3:87:17:58:e6:db:45:56:ef:3e:75:06:f7:00:97:
                    08:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:EA:A7:0A:8E:67:C8:2B:7C:69:70:9F:FA:7F:25:97:2B:CF:E3:1D
            X509v3 Authority Key Identifier:
                keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:fc:71:25:1c:2a:f3:4f:94:5a:b0:2c:74:47:10:2d:91:d1:
         47:7f:a1:fb:44:d1:e5:59:c5:69:fc:2e:f2:0b:4c:9a:d3:14:
         b4:26:32:ce:40:4a:91:4c:75:94:dc:10:34:65:61:66:87:d5:
         e7:8c:42:98:f7:0c:5d:14:a4:ba:bb:d1:2c:0d:94:b0:26:f5:
         d1:78:d2:ad:c5:25:0b:f8:fb:c4:d9:3d:4d:e5:e0:1f:f1:d2:
         a7:e7:8a:a0:10:aa:c6:df:6a:69:a5:c3:35:4d:05:5d:6b:89:
         f7:66:d8:d0:81:59:dc:8b:62:20:bc:ad:cc:8a:84:7b:8a:cc:
         54:29:0f:8e:da:d1:ae:e0:c0:7c:ae:40:d6:42:48:5f:c4:4b:
         62:70:be:8e:60:39:41:e9:75:c2:53:a9:49:c2:14:61:f4:f8:
         2c:71:ec:85:0a:83:17:ca:62:f0:d4:85:2e:bb:78:11:de:6e:
         9c:a8:7d:6d:12:c6:c0:c8:a8:0b:e1:67:e3:24:6f:f4:a3:eb:
         73:83:e2:74:6c:17:f9:8f:89:f9:09:21:7e:ab:e9:ae:21:a8:
         ef:36:7b:d2:f4:65:ea:44:48:c5:ba:ba:66:8e:19:ee:0a:bd:
         b1:93:51:fe:7b:83:05:de:ce:d3:1d:ab:6c:00:a7:b4:88:6a:
         b1:83:39:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+yMyb4zY3iyBvEqclSO6GbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx
Mzk0OTIwHhcNMjQwNTI2MDAwMDQ3WhcNMjQwNTI3MDAwMDQ3WjAzMTEwLwYDVQQD
Eyg1N2VhYTcwYThlNjdjODJiN2M2OTcwOWZmYTdmMjU5NzJiY2ZlMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pqBVZHa9ncWBy8FK6OBdEPooEHV
9DIrwkMXd+xi3A+LUYm9szAmu/MbdCKeGAQeYdGI9DhZhJtyVEtPSGtINn74H26/
13kk5NJOIhA5QxpTj4duE508VZqXtqfsZhTVIODrsfFqYXtynZQZjV4K3ZKWr6bY
8cr4ANwyDsMydKIlfwCrUjB/xenehHXWLW5KvR7KQpR6EItFGeNl12f/x15Ze022
KkG5MOw9IBLHxQNqKbKMfT86wh7lmu5JVeZyNlutYYVlAaX9aUBfwC7+22s1K/nZ
1kWPxniEdudwhJ1verUPGthmf+WmXMirPPfjhxdY5ttFVu8+dQb3AJcIYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfqpwqOZ8grfGlwn/p/JZcrz+MdMB8GA1UdIwQY
MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt
NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1
LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPxxJRwq
80+UWrAsdEcQLZHRR3+h+0TR5VnFafwu8gtMmtMUtCYyzkBKkUx1lNwQNGVhZofV
54xCmPcMXRSkurvRLA2UsCb10XjSrcUlC/j7xNk9TeXgH/HSp+eKoBCqxt9qaaXD
NU0FXWuJ92bY0IFZ3ItiILytzIqEe4rMVCkPjtrRruDAfK5A1kJIX8RLYnC+jmA5
Qel1wlOpScIUYfT4LHHshQqDF8pi8NSFLrt4Ed5unKh9bRLGwMioC+Fn4yRv9KPr
c4PidGwX+Y+J+QkhfqvpriGo7zZ70vRl6kRIxbq6Zo4Z7gq9sZNR/nuDBd7O0x2r
bACntIhqsYM5Wg==
-----END CERTIFICATE-----